Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

394 matches found

RedhatCVE
RedhatCVEadded 2026/06/05 7:34 p.m.4 views

CVE-2026-1677

Zephyr sockets created with IPPROTOTLS13 can still negotiate a TLS 1.2 connection when both TLS versions are enabled in Kconfig, because the socket-level protocol selection is not propagated to mbedTLS e.g. via mbedtlssslconfmintlsversion. The ClientHello advertises both versions and the peer can...

5.3CVSS5.4AI score0.00197EPSS
Exploits0References1
NVD
NVDadded 2026/05/11 6:16 a.m.13 views

CVE-2026-1677

Zephyr sockets created with IPPROTOTLS13 can still negotiate a TLS 1.2 connection when both TLS versions are enabled in Kconfig, because the socket-level protocol selection is not propagated to mbedTLS e.g. via mbedtlssslconfmintlsversion. The ClientHello advertises both versions and the peer can...

5.3CVSS0.00197EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/05/11 5:52 a.m.10 views

CVE-2026-1677 net: TLS 1.2 connections allowed on TLS 1.3 sockets

Zephyr sockets created with IPPROTOTLS13 can still negotiate a TLS 1.2 connection when both TLS versions are enabled in Kconfig, because the socket-level protocol selection is not propagated to mbedTLS e.g. via mbedtlssslconfmintlsversion. The ClientHello advertises both versions and the peer can...

5.3CVSS5.8AI score0.00197EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/05/11 5:52 a.m.8 views

CVE-2026-1677

Zephyr sockets created with IPPROTOTLS13 can still negotiate a TLS 1.2 connection when both TLS versions are enabled in Kconfig, because the socket-level protocol selection is not propagated to mbedTLS e.g. via mbedtlssslconfmintlsversion. The ClientHello advertises both versions and the peer can...

5.3CVSS5.8AI score0.00197EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/05/11 5:52 a.m.35 views

CVE-2026-1677 net: TLS 1.2 connections allowed on TLS 1.3 sockets

Zephyr sockets created with IPPROTOTLS13 can still negotiate a TLS 1.2 connection when both TLS versions are enabled in Kconfig, because the socket-level protocol selection is not propagated to mbedTLS e.g. via mbedtlssslconfmintlsversion. The ClientHello advertises both versions and the peer can...

5.3CVSS0.00197EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/04/10 7:7 a.m.2 views

CVE-2026-29129

A flaw was found in Apache Tomcat. This vulnerability occurs when the configured cipher preference order is not preserved. This could allow an attacker to bypass intended security configurations, potentially leading to a weakened security posture or information disclosure. Mitigation Configure...

7.5CVSS5.9AI score0.0024EPSS
Exploits0References4
EUVD
EUVDadded 2026/02/27 9:30 a.m.5 views

EUVD-2026-9008

An attacker may exploit the use of weak CBC-based cipher suites in the device’s SSH service to potentially observe or manipulate parts of the encrypted SSH communication, if they are able to intercept or interact with the network traffic...

6.5CVSS5.9AI score0.00199EPSS
Exploits0References7
NVD
NVDadded 2026/02/27 9:16 a.m.7 views

CVE-2026-1626

An attacker may exploit the use of weak CBC-based cipher suites in the device’s SSH service to potentially observe or manipulate parts of the encrypted SSH communication, if they are able to intercept or interact with the network traffic...

9.1CVSS0.00199EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2026/02/27 8:40 a.m.3 views

CVE-2026-1626

An attacker may exploit the use of weak CBC-based cipher suites in the device’s SSH service to potentially observe or manipulate parts of the encrypted SSH communication, if they are able to intercept or interact with the network traffic...

6.5CVSS5.8AI score0.00199EPSS
Exploits0References6
CVE
CVEadded 2026/02/27 8:40 a.m.18 views

CVE-2026-1626

The vulnerability CVE-2026-1626 affects SICK LMS1000 and SICK MRS1000 devices, where the SSH service may accept weak CBC-based cipher suites. This could allow an attacker with network access to observe or manipulate portions of SSH communications. Red Hat and other sources corroborate a CBC-relat...

9.1CVSS5.9AI score0.00199EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologiesadded 2026/02/27 12:0 a.m.7 views

PT-2026-22320

An attacker may exploit the use of weak CBC-based cipher suites in the device’s SSH service to potentially observe or manipulate parts of the encrypted SSH communication, if they are able to intercept or interact with the network traffic...

6.5CVSS5.9AI score0.00199EPSS
Exploits0References7
Debian CVE
Debian CVEadded 2026/02/20 2:47 a.m.4 views

CVE-2026-27017

uTLS is a fork of crypto/tls, created to customize ClientHello for fingerprinting resistance while still using it for the handshake. Versions 1.6.0 through 1.8.0 contain a fingerprint mismatch with Chrome when using GREASE ECH, related to cipher suite selection. When Chrome selects the preferred...

5.3CVSS5.3AI score0.00154EPSS
Exploits0
Packet Storm News
Packet Storm Newsadded 2026/02/12 12:0 a.m.3 views

TestSSL 3.2.3

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in pure bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets...

5.5AI score
Exploits0
CNNVD
CNNVDadded 2026/01/27 12:0 a.m.2 views

OpenSSL security vulnerabilities

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables the implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure has...

5.9CVSS6.2AI score0.00748EPSS
Exploits1References5
RedhatCVE
RedhatCVEadded 2026/01/07 9:49 a.m.5 views

CVE-2022-27581

Use of a Broken or Risky Cryptographic Algorithm in SICK RFU61x firmware version...

6.5CVSS6.6AI score0.00312EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2025/11/25 12:0 a.m.1 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: gnutls (UTSA-2025-990960)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990960 advisory. A NULL pointer dereference flaw was found in the GnuTLS software in gnutlsfigurecommonciphersuite. Tenable has extracted the preceding description block directly fro...

6.5CVSS6.3AI score0.00619EPSS
Exploits0References4
Hacker One
Hacker Oneadded 2025/11/15 10:45 p.m.13 views

curl: Incorrect sizeof() in Rustls Backend Memory Allocation

Summary There's a bug in lib/vtls/rustls.c where malloc uses sizeofciphersuites instead of sizeofciphersuites. This allocates memory based on pointer size rather than element size. Steps To Reproduce 1. Look at lib/vtls/rustls.c line 530: c const struct rustlssupportedciphersuite ciphersuites =...

7.3AI score
Exploits0
Rosalinux
Rosalinuxadded 2025/10/27 6:20 a.m.4 views

Advisory ROSA-SA-2025-3042

Software: gnutls 3.6.16 OS: ROSA Virtualization 3.0 unaffected versions = gnutls-3.6.16-8.0.0.1.rv30.4 affected versions gnutls-3.6.16-8.0.1.1.rv30.4 CVE-ID: CVE-2024-12243 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in GnuTLS when processing ASN.1 data via libtasn1 could result in...

8.2CVSS7AI score0.01193EPSS
Exploits0
EUVD
EUVDadded 2025/10/07 12:30 a.m.5 views

EUVD-2016-0739

Malware in sbrugna...

5.9CVSS7.7AI score0.06903EPSS
Exploits0References41
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2013-3961

Malware in sbrugna...

4.3CVSS6.4AI score0.00947EPSS
Exploits0References3
Rows per page
Query Builder